[Novalug] encryption at rest on a virtual server for a virtual drive

The Doctor drwho@virtadpt.net
Wed Sep 11 13:39:30 EDT 2013



On 09/10/2013 11:18 PM, Stuart Gathman wrote:

> a. The key will remain readable in RAM for several minutes after 
> pulling the power plug,  so you would also need to password the
> BIOS - or else activate TCA to prevent booting anything that isn't
> signed.

The attacker would need physical access, would need to know which
physical server it is, and would need sufficient equipment in hand to
mount a coldboot attack.  Mitigated by site security, locks, cages,
servers looking the same, armed guards, needing to tear open the
machine...

What's the threat model here?  Personal box in the basement or at work?

> b. If I were a data thief, I would bring a UPS to keep the server 
> running while I disconnected it (especially easy with dual power

Commercially available:

https://drwho.virtadpt.net/archive/2008/02/22/portable-power-for-search-and-seizure

> supplies).  To defeat that, the server needs a watchdog process
> that checks for authenticated connectivity to another secure
> server, which is only available on the local LAN.  The server wipes
> keys (and forcibly terminates virtual machines) if it loses that
> connectivity.

Could such a thing also be wired into a case opening detection switch?

--
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

END OF LINE

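The watchdog described in the quoted text, together with the case-opening switch asked about in the reply, sketched as an added example that is not part of the original message. The transport (`ask_peer`), the trip action (`on_trip`), the switch reader (`case_closed`) and the sample secret and peers are all hypothetical or constructed; a fresh nonce per check with an HMAC reply is one way to make the connectivity check "authenticated", so that a substitute machine answering on the same address does not keep the keys alive.

```python
import hashlib
import hmac
import os

SECRET = b"constructed-demo-secret"     # constructed sample value

class KeyWatchdog:
    """Dead-man's switch: call on_trip once the LAN peer stops proving it knows the secret."""
    def __init__(self, secret, ask_peer, on_trip, case_closed=lambda: True, max_misses=3):
        self.secret = secret            # shared with the peer, provisioned out of band
        self.ask_peer = ask_peer        # hypothetical transport: sends nonce, returns reply
        self.on_trip = on_trip          # hypothetical action: wipe disk keys, stop the VMs
        self.case_closed = case_closed  # hypothetical chassis-intrusion switch reader
        self.max_misses = max_misses    # tolerate brief network blips before tripping
        self.misses = 0
        self.tripped = False

    def _peer_ok(self):
        nonce = os.urandom(32)          # fresh per check, so a recorded reply is useless
        try:
            reply = self.ask_peer(nonce)
        except OSError:                 # timeout, unreachable network, reset connection
            return False
        expected = hmac.new(self.secret, nonce, hashlib.sha256).digest()
        return isinstance(reply, bytes) and hmac.compare_digest(reply, expected)

    def tick(self):
        """Run one check. Returns True once the watchdog has tripped."""
        if self.tripped:
            return True
        if not self.case_closed():
            self.misses = self.max_misses   # an opened case trips immediately
        elif self._peer_ok():
            self.misses = 0
        else:
            self.misses += 1
        if self.misses >= self.max_misses:
            self.tripped = True
            self.on_trip()                  # runs exactly once
        return self.tripped

def honest_peer(nonce):                 # constructed: the secure server on the local LAN
    return hmac.new(SECRET, nonce, hashlib.sha256).digest()
def unplugged_peer(nonce):              # constructed: server moved off the LAN while powered
    raise ConnectionError("LAN peer unreachable")

def simulate(ask_peer, case_closed=lambda: True, ticks=4):
    trips = []                          # records each invocation of the trip action
    wd = KeyWatchdog(SECRET, ask_peer, lambda: trips.append("wipe"), case_closed)
    return [wd.tick() for _ in range(ticks)], len(trips)
```

The time an attacker has after disconnecting the server is roughly `max_misses` times the polling interval, so both values need to be chosen against the kind of removal scenario described in the thread.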


